<?php

/*
 * This will be the view page of a security group depending on the passed parameter. 
 * 
 * Created by: Peter Agno Jr.
 * Date created: December 5, 2011
 * 
 * In parameters: securityGroupId
 */

//********************************************************************************************************
/*
 * Define the functions in here
 */

    // Start - Check if security group has no data in Dept_Pos_SecurityGroup
    function noDeptPosSecGrp($securityGroupId) {
        $query = 
        "
            SELECT * 
            FROM Dept_Pos_SecurityGroup 
            WHERE securityGroupId = '$securityGroupId'
        ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        
        if ( mysql_fetch_array($result) == 0 ) {
            return true;
        }
        else {
            return false;
        }
    } // End - Check if security group has data in Dept_Pos_SecurityGroup

//********************************************************************************************************

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) { 
    include("siteTop.php"); 
    include('includes/siteConfig.php'); 

    // connect to database
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');
    
    $securityGroupId = $_POST['securityGroupId'];
?>

<!-- HEADER START -->
    <!--JAVASCRIPT SOURCES-->
    <script src="js/jquery-1.6.2.min.js"></script>
    
    <!--ACTUAL JS SCRIPTS AND JQUERIES-->
    <script type="text/javascript">
        jQuery(document).ready(function(){ 
            // CHANGE FIRST THE CSS OF THE NAV BAR
            jQuery("#adminTools-nav").addClass("highlightMenuBar");
            jQuery("#secGrpSetup-nav").addClass("highlightMenuBar");
            
            // Start - Go back to admSecGroupSetup.php
            jQuery('#admSecGrpStpBtn').live("click",function() {
                window.location = 'admSecGroupSetup.php';
            }); // End - Go back to admDepartmentSetup.php
            
            // Start - Delete the security group
            jQuery('#delBtn').live("click",function() {
                var contDelete = confirm("Do you really want to delete " + jQuery("#securityGroupName").val() + " security group?");
                
                if ( contDelete == true ) {
                    // Start - Ajax for deleting the security group
                    jQuery.ajax({
                        type : 'POST',
                        url : 'ajaxRequests/admSecGroupDelete.php',
                        dataType : 'json',
                        async : false,
                        data: {
                            securityGroupId : jQuery("#securityGroupId").val(),
                            securityGroupName : jQuery("#securityGroupName").val()
                        },
                        success : function(data){
                            // If, successful deletion of security group
                            if (data) {
                                if ( data[0].flag == "success" ) {
                                    jQuery("#secGrpSuccessMessage").val(data[0].msg);
                                    jQuery("#secGrpStpMsgForm").submit();
                                }
                                else {
                                    alert(data[0].msg);
                                }
                            } // End if, successful deletion of security group
                        },
                        error : function() {
                            alert("Error : Deleting the security group was not successful.");
                        }
                    }); // End - Ajax for deleting the security group
                } // End if for confirmation of deletion
            }); // End - Delete the security group
            
            // Start - Edit the security group
            jQuery('#editBtn').live("click",function() {
                jQuery("#editSecGrpForm").submit();
            }); // End - Edit the security group
            
        }); // End - jQuery document ready
    </script>
<!-- HEAD END -->

<div id="content">
<h1>View Security Group</h1>
    <div class="contentbox">       
        <?php
        // Check permission
        $thePermissions = array('SECGRPSTP');
        if ( checkPermission( $thePermissions, $userId ) == true ) {
        ?>
            <span class="screenlet" >Security Group Information</span>
            <table>
                <tr>
                    <td>Security Group ID : </td>
                    <td>
                        <input type="hidden" name="securityGroupId" id="securityGroupId" value="<?php echo $securityGroupId; ?>"/>
                        <?php echo $securityGroupId; ?>
                    </td>
                </tr>
                <tr>
                    <td>Security Group Name : </td>
                    <td>
                    <?php 
                        $query =
                        "
                            SELECT securityGroupName
                            FROM SecurityGroup
                            WHERE securityGroupId = '$securityGroupId'
                        ";
                        
                        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
                        $row = mysql_fetch_array($result);
                        
                        echo "<input type='hidden' name='securityGroupName' id='securityGroupName' value='".$row['securityGroupName']."'/>";
                        echo $row['securityGroupName'];
                    ?>
                    </td>
                </tr>
            </table>
            
            <span class="screenlet" >Permissions</span>
            <table border="1">
                <tr>
                    <th>Permission ID</th><th>Permission Name</th>
                </tr>
                <?php
                    $query =
                    "
                        SELECT P.permissionId as permissionId, P.permissionName as permissionName
                        FROM SecurityGroup_Permission as SGP, Permission as P
                        WHERE SGP.securityGroupId = '$securityGroupId'
                            AND SGP.permissionId = P.permissionId
                        ORDER BY P.permissionName
                    ";
                    
                    $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
                    
                    while ( $row = mysql_fetch_array($result) ) {
                        echo "<tr>";
                        echo "<td>" . $row['permissionId'] . "</td>";
                        echo "<td>" . $row['permissionName'] . "</td>";
                        echo "</tr>";
                    }
                ?>
            </table>
            <?php
                if ( noDeptPosSecGrp($securityGroupId) == true ) {
                    // Show Edit and Delete button if the security group has:
                    // - No Dept_Pos_SecurityGroup
                    ?>
                        <input type="Submit" name="editBtn" id="editBtn" value="Edit" class="siteGreenButton" />
                        <input type="Submit" name="delBtn" id="delBtn" value="Delete" class="siteRedButton" />
                    <?php
                }
            ?>
            
            <input type="Submit" name="admSecGrpStpBtn" id="admSecGrpStpBtn" value="Back" class="siteGreenButton" />
            
            <!-- Hidden form to be used when the delete of security group was successful -->
            <form id="secGrpStpMsgForm" name="secGrpStpMsgForm" action="admSecGroupSetup.php" method="POST">
                <input type="hidden" name="secGrpSuccessMessage" id="secGrpSuccessMessage" value=""/>
            </form>
            
            <!-- THIS WILL SERVE AS THE FORM IN ORDER TO PASS $securityGroupId TO admSecGroupEdit.php -->    
            <form id="editSecGrpForm" action="admSecGroupEdit.php" method="POST">
                <input type="hidden" name="securityGroupId" id="passedId"value="<?php echo $securityGroupId; ?>"/>
            </form>
        <?php
            mysql_free_result($result);
        }
        else {
            echo "<div class='noPermissionMsgBox noPermissionMsg' style='border: 2px solid red'><div id='noPermissionMsgs'>You have no permission to view this page.</div></div>";
        }
        // End checking permission
        ?>
    </div> <!-- contentbox end div -->
    
    <div style="position:relative; visibility: hidden">end</div>    <!-- extra space for contentbox -->
</div> <!-- content end div -->

<?php
    include ("siteBottom.php"); 
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
 echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>

